Hi everyone!
I been reading the community topics similar to this, but none of the solutions I've seen seem to apply to my case.
So I have a dummy server (Captive portal) that needs a valid certificate in order to work.
I used the manual method, since the Captive portal does not allow to install certbot: "sudo certbot certonly --manual -d portal.example.com"
When configuring it the first time around I created a CSR for a domain and a SAN, and validated the requests using CNAME entries on the public DNS domain.
The Server constantly complained that SANs where not supported, so when renovation time came, I split certificates for the root domain and for a subdomain instead of a SAN. Installed it and all is working fine ever since
But today I got an email warning me that I had 0 days left for the renewal of the certificate:
Hello,
Your certificate (or certificates) for the names listed below will expire in
0 days (on 29 Aug 17 09:34 +0000). Please make sure to renew
your certificate before then, or visitors to your website will encounter errors.
I went ahead and did a certbot renew yet got:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/example.com.conf
Cert not yet due for renewal
Processing /etc/letsencrypt/renewal/portal.example.com.conf
Cert not yet due for renewal
The following certs are not due for renewal yet:
/etc/letsencrypt/live/example.com.com/fullchain.pem (skipped)
/etc/letsencrypt/live/portal.example.com/fullchain.pem (skipped)
No renewals were attempted.
After this I opened the certificates that are installed on the captive portal and got to see that, yes they are not due to renewal at all:
Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3 Validity Not Before: Aug 4 15:00:00 2017 GMT Not After : Nov 2 15:00:00 2017 GMT Subject: CN=portal.hotelpalladium.com
So are the email warnings wrong? Did I screw up somewhere?
Or maybe I'm getting warnings from the first certificate (the one with SANs) since it uses the same root domain? If so how do I stop the warnings being sent to the email when it's not yet time?
Thanks in advance.